Data Breaches in Healthcare and How To Protect Your Patient Payment Data – PART II


Healthcare Offices – A Lucrative Target for Data Breaches

Many healthcare offices make the mistake of thinking they are too small to be the target of a cyberattack, since only the largest breaches, like the Anthem breach, make the news.

But breaches are not just for the big boys. Small and medium-sized businesses (SMBs), including chiropractic offices, face the same cyber security threats as large companies, but with only a fraction of the resources. Rather than have an entire IT department dedicated to various aspects of security, small businesses often have just one IT person (if that!) who has to wear a lot of hats — which means security can slip through the cracks.

There are over 7 million small and medium-sized businesses in the U.S., and companies with between 1 and 1,000 employees account for a whopping 57% of breaches.

Unfortunately, SMBs also have the most to lose from a data breach. Stolen data can destroy customers’ trust and ruin a business’ reputation, which is deadly for a company with a small customer base. A breach can also result in huge monetary loss; a $100,000 loss to a multi-million dollar corporation may not make that much of a difference, but if you’re only bringing in $500,000 a year, the consequences can be devastating.

No matter how many employees you have or how much money your office brings in each year, staying on top of security concerns has to be a priority for all business owners.

You Can Devalue the Data – or Defend the Data

In 2015, Bluefin Payment Systems partnered with ChiroTouch to provide integrated payment processing within ChiroTouch’s software. But Bluefin is more than just a payment processor – our company is a pioneer in the protection of credit and debit card data. We ask our clients the following question: do you want to defend your data or devalue your data?

The Defend the Data approach requires companies to build stronger security around their systems and data. The general idea is to prevent the data from being taken in the first place with firewalls, 24/7 monitoring, intrusion detection and constant patch detection. This approach is a costly and time-consuming method for protecting sensitive data.

With the Devalue the Data approach, companies use technology that devalues their data before it reaches a point where it can be compromised, rendering any breached and stolen data valueless in the hands of the cyber crooks. The Devalue the Data approach allows information security budgets to stretch farther while providing a complete data security solution.

Bluefin’s PCI-validated P2PE solution devalues the data by encrypting cardholder information at the Point of Interaction (POI) in a PCI-approved P2PE device. Decryption is done off-site in an approved Bluefin Hardware Security Module (HSM). Our solution prevents clear-text cardholder data that is processed through the terminal from being present in a healthcare office’s system or network, where it could be accessible in the event of a data breach.